test(jans-fido2): add JUnit 5 coverage for Fido2MetricsData DTO by imran-ishaq · Pull Request #14139 · JanssenProject/jans (original) (raw)
Prepare
- Read PR guidelines
- Read license information
Description
Adds JUnit 5 test coverage for Fido2MetricsData, the transport DTO that carries every FIDO2 passkey operation event (registration, authentication, fallback) from the recording code path through to persistence and the REST analytics responses. The new test class locks the 12 snake_case JSON keys that form the REST API contract, the default constructor's UTC timestamp behavior, the @JsonIgnoreProperties(ignoreUnknown=true) forward-compatibility guarantee, the JSON serialize → deserialize roundtrip, and the nested DeviceInfo inner-class mapping. Test-only change; no production code or pom.xml changes. Step 3 of the FIDO2 metrics test rollout.
Target issue
Fido2MetricsData (jans-fido2/model/src/main/java/io/jans/fido2/model/metric/Fido2MetricsData.java) is the transport DTO that carries every passkey operation event — registration, authentication, fallback — from the recording code path through to persistence and through the REST analytics responses. It has 22 fields annotated with Jackson @JsonProperty snake-case names (e.g., operationType → "operation_type", durationMs → "duration_ms"), a default constructor that auto-stamps timestamp to the current UTC time, and a nested DeviceInfo static inner class with its own 6 JSON-mapped fields. None of this is tested today.
Two specific regressions would be silent failures:
- If any
@JsonPropertyvalue drifts, the REST API contract silently breaks for consumers and previously serialized payloads stop deserializing. - If the constructor's UTC timezone behavior regresses (e.g., switching to system default), every persisted timestamp becomes wrong for non-UTC servers.
This PR is step 3 of the FIDO2 metrics test rollout (steps 1 and 2 added Fido2MetricTypeTest and Fido2MetricsConstantsTest).
closes #14123
Implementation Details
Adds a single new JUnit 5 test class — jans-fido2/model/src/test/java/io/jans/fido2/model/metric/Fido2MetricsDataTest.java — with 7 grouped @Test methods, one per spec'd behavior:
| Behavior | Test method |
|---|---|
| Default constructor stamps timestamp in UTC | testDefaultConstructorStampsUtcTimestamp |
| Getter/setter roundtrip (sample per type group) | testGetterSetterRoundtripCoversEachValueType |
| Jackson serialization uses snake_case keys (12 keys locked) | testJsonSerializationUsesSnakeCaseKeys |
| Serialize → deserialize roundtrip | testJsonSerializationDeserializationRoundtrip |
| @JsonIgnoreProperties(ignoreUnknown=true) honored | testJsonDeserializationIgnoresUnknownFields |
| Nested DeviceInfo getter/setter roundtrip | testDeviceInfoGetterSetterRoundtrip |
| Nested DeviceInfo snake_case key mapping | testDeviceInfoJsonUsesSnakeCaseKeys |
Design choices worth flagging:
- Sampled rather than exhaustive getter/setter coverage. One field per value-type group (
String,Long,Integer,Double,LocalDateTime,Map, nested type) — the same wiring class of bugs is caught without adding 40+ near-identical methods. - JSON assertions check key presence, not full-string equality. Field-order changes don't break the test; the API contract is still locked.
- UTC stamping is asserted via a window, not exact equality — captures
LocalDateTime.now(UTC)before and after construction and asserts the stampedtimestampfalls in the window. Robust against sub-millisecond clock jitter withoutThread.sleep. ObjectMapperis configured withJavaTimeModuleso theLocalDateTimeround-trip is meaningful. Jackson (jackson-databind+jackson-datatype-jsr310) is already available transitively on the test classpath viajans-auth-model→jans-core-util— no new direct dependencies were added.
Scope:
- Test-only addition under
src/test. - No production-code changes under
src/main. - No
pom.xmlchanges.
Local verification: mvn -pl model -am test from jans-fido2/ — 7 tests, 0 failures, 0 errors.
Test and Document the changes
- Static code analysis has been run locally and issues have been fixed
- Relevant unit and integration tests have been added/updated
- Relevant documentation has been updated if any (i.e. user guides, installation and configuration guides, technical design docs etc)
Please check the below before submitting your PR. The PR will not be merged if there are no commits that start with docs: to indicate documentation changes or if the below checklist is not selected.
- I confirm that there is no impact on the docs due to the code changes in this PR.
Summary by CodeRabbit
- Tests
- Added test coverage for metrics data functionality, validating timestamp initialization, property accessors, JSON serialization and deserialization, handling of nested structures, and tolerance for unknown fields in data payloads.